Bugtraq mailing list archives
RE: Promiscuous email printing in Canon imageRunner
From: "Eric McCarty" <eric () lawmpd com>
Date: Wed, 29 Sep 2004 10:10:10 -0700
You think that's bad?, HP Laserjet 4000's, 4100's, 4200's and others accept any print job you FTP to them, and its anonymous ftp so anyone can ftp in and send over a print job using the PUT command. This is nothing new and has been long reported however. The trick would be finding a way to upload files to the onboard printer memory and keep them there, 64mb of space to hide a tarball or zip of utils would defintely be nice on campus networks. Eric -----Original Message----- From: Matthew E. Lauterbach [mailto:mlauterbach () mail wtamu edu] Sent: Monday, September 27, 2004 2:02 AM To: bugtraq () securityfocus com Subject: RE: Promiscuous email printing in Canon imageRunner On Thursday, September 23, 2004 5:44 PM Andrew Daviel wrote:
The Canon iR5000i digital printer (and probably other imageRunner models) has a somewhat undocumented print-from-email feature. Any text/plain email sent to port 25 on the device will be printed. The MAIL FROM and RCPT TO values are not authenticated or even checked
for syntax.
The Canon iR85 does not seem to have this "feature". Doing "telnet 10.0.0.1 25" to either of my iR85 printers returns "Could not open connection to the host, on port 25: Connect failed". Matt Lauterbach
Current thread:
- Promiscuous email printing in Canon imageRunner Andrew Daviel (Sep 24)
- Re: Promiscuous email printing in Canon imageRunner Chip Mefford (Sep 25)
- RE: Promiscuous email printing in Canon imageRunner Matthew E. Lauterbach (Sep 28)
- <Possible follow-ups>
- RE: Promiscuous email printing in Canon imageRunner Eric McCarty (Sep 29)
- Re: Promiscuous email printing in Canon imageRunner Felix Lindner (Sep 30)